Overview
On Prem Active Directory (AD DS) Administration Jobs in Federal Territory of Kuala Lumpur, Malaysia at RiDiK (a Subsidiary of CLPS. Nasdaq: CLPS)
Title: On Prem Active Directory (AD DS) Administration
Company: RiDiK (a Subsidiary of CLPS. Nasdaq: CLPS)
Location: Federal Territory of Kuala Lumpur, Malaysia
On Prem Active Directory (AD DS)
Experience level- 5 to 8 years
Location : KL
Below is the JD for this .
Key Responsibilities
1) On Prem Active Directory (AD DS) Administration
• Administer AD DS components: forests, domains, trusts, OUs, users/groups, and delegation models.
• Manage and maintain Domain Controllers, ensuring health, capacity, patching, and lifecycle compliance.
• Configure and maintain Group Policy Objects (GPOs) including security baselines, hardening, and troubleshooting.
• Monitor and troubleshoot AD replication, SYSVOL issues, DFSR/FRS (as relevant), and domain controller health.
• Manage AD-integrated DNS including zones, records, scavenging, forwarders, and resiliency architecture.
• Perform AD upgrades/migrations (domain/forest functional levels, DC replacement, OS upgrades) with minimal downtime.
• Support Active Directory Certificate Services (AD CS) operations such as CRL publishing/renewals (if in scope).
2) Azure AD / Microsoft Entra ID (Cloud Identity)
• Administer Azure AD / Entra ID tenant configuration and identity services for enterprise users and applications.
• Implement and manage Conditional Access, MFA, Identity Protection, and risk-based access controls.
• Manage Privileged Identity Management (PIM) and privileged access policies (JIT/JEA, role assignment governance).
• Configure and support SSO, Enterprise Applications, App registrations, OAuth permissions, and federation settings.
• Operate and optimize hybrid identity services (cloud-only and synced identities) aligned to security standards.
3) Hybrid Identity & Synchronization (Azure AD Connect / Cloud Sync)
• Deploy and maintain Azure AD Connect / Cloud Sync for identity synchronization and writeback (where applicable).
• Manage synchronization rules, troubleshooting (staging mode, metaverse, connector space), and sync monitoring.
• Support hybrid authentication models: Password Hash Sync, Pass-through Authentication, or Federation (AD FS).
• Manage hybrid features like Seamless SSO, device writeback, group writeback, and lifecycle operations.
4) Security, Compliance & Governance
• Enforce identity security baseline: least privilege, tiering model, administrative boundaries, and secure admin workstations.
• Support audits by providing evidence: access reviews, privileged role logs, change records, and security reports.
• Implement and maintain RBAC, delegated admin permissions, and standard operating procedures for identity operations.
• Drive remediation for vulnerabilities and security findings related to directory services and identity components.
5) Operations, Monitoring & ITSM Processes
• Provide L2/L3 support for incidents and service requests related to AD, Entra ID, SSO, and authentication.
• Manage changes through Change Management, create implementation plans, rollback procedures, and conduct PIRs/RCA.
• Maintain monitoring dashboards and alerts for AD DS, DNS, AAD Connect, Entra sign-in activity, and service health.
• Create and maintain knowledge articles, runbooks, SOPs, and operational documentation.
6) Integration & Stakeholder Collaboration
• Work with Security/IAM teams on access governance, privileged access, and policy enforcement.
• Collaborate with Messaging/M365, Endpoint, Network, and Application teams for identity integrations and SSO enablement.
• Provide technical inputs for enhancements, standardization, and continuous improvement of identity services.
